I have implemented spring security for login to my web portal. It works fine except for one issue. I have set session timeout to 5 min. Once timeout happpens and then user click
Add the always-use-default-target attribute to your form-login tag.
<form-login always-use-default-target="true" />
If set to true, the user will always start at the value given by default-target-url, regardless of how they arrived at the login page. Maps to the alwaysUseDefaultTargetUrl property of UsernamePasswordAuthenticationFilter. Default value is false.
In Grails, this setting solves the problem in Config.groovy
grails.plugin.springsecurity.successHandler.alwaysUseDefault = true